Your systems. Working as one.
How to Cut $2M of Your Safety Certification Costs
Edwin de Jong, PhD
The design of modern Unmanned Aircraft Systems (UAS) includes many safety-critical components, including processors, operating systems, communication infrastructure and application software. The integration of UAS in the National Airspace System (NAS) is starting to put more weight on implementation of safety-certification guidelines such as DO-178, making the design of these systems even more demanding.

The OMG Data Distribution Service (DDS) standard is widely adopted for system integration in Aerospace and Defense. Its high level of decoupling between system components, its real-time interfaces and its end-to-end support for Quality of Service (QoS) make DDS well suited for implementation within UAS.

In this webinar, learn how a safety-certifiable implementation of DDS can reduce certification costs of your project by at least $2 million. We will also discuss testability of distributed systems, how to avoid sources of non-determinism, design alternatives to reliable communication, and more. The certification package that makes it all possible will be available soon. As a project manager, system architect or software engineer, learn all about it in this webinar first.

How to Cut $2 Million of Your Safety Cert Costs

  1. Your systems. Working as one.
     How to Cut $2M of Your Safety Certification Costs
     Edwin de Jong, PhD
  2. Modern Unmanned Aircraft Systems
     • Network of
       – Multiple Unmanned Aerial Vehicles (UAVs)
       – Multiple Ground Control Stations (GCS’s)
       – Configurable payloads and smart sensors
     • Multiple and changing mission objectives
     • Challenge:
       – Make data and capabilities of smart sensors accessible to every relevant participant
     4/10/2014 © 2014 REAL‐TIME INNOVATIONS, INC. 2
  3. UAS Communication Infrastructure
     (diagram: Vehicle LAN – Data Link – Ground Station LAN)
  4. Baseline Capabilities for UAS Communication Infrastructure
     • Open standards based
       – Commonality and interoperability
     • True peer-to-peer architecture
       – No single point of failure or vulnerability
     • Portable to any communication media
       – RF, optical links, high-speed interconnects
     • Available for heterogeneous environments
       – Embedded, low-power, small foot-print, RTOS, ARINC 653
       – Mainstream OS’s (Windows, Linux) and CPUs (Intel)
     • Certifiable component (DO-178C)
       – Integration of UAVs in national airspace
  5. Peer‐To‐Peer Real‐Time DataBus: OMG Data Distribution Service
     (diagram: Control App, Sensor, Actuator and Display App exchanging Commands and Sensor Data over the data bus)
  6. Data‐Centric Integration: Distributed Data Model and System State
     Source (Key)   Latitude   Longitude   Altitude
     RADAR1         37.4       -122.0      500.0
     UAV2           40.7       -74.0       250.0
     LPD3           50.2       -0.7        0.0
  7. Hundreds Of Applications Rely on DDS
  8. DO‐178C
     • A guideline
     • Used by FAA as basis for certification
       – Aircraft are “certified”
       – Software code developed under DO‐178 provides “certification evidence”
     • Increasingly adopted for military aircraft
  9. DO‐178 Safety Levels
     Level   Failure Condition                              Typical % of avionics code
     A       Catastrophic (may be total loss of aircraft)   15%
     B       Hazardous/Severe (serious injuries)            35%
     C       Major (minor injuries)                         30%
     D       Minor (inconvenience)                          15%
     E       No effect                                       5%
  10. Certification Costs
     • DO‐178 costs $50‐$100 per ELOC
     • Process objectives must be met
     • All must be documented
     • Code must be clean
       – Testable
       – No dead code
       – Deterministic
     Level   Process Objectives   Code Coverage
     A       71                   Level B and 100% of MCDC
     B       69                   Level C plus 100% of DC
     C       62                   Level D plus 100% of SC
     D       26                   100% of Requirements
     E       0                    None
  11. Tenets Of Safety‐Critical Software
     • Reduce code size
     • Consider testability in design
     • Design code to be deterministic
  12. Communication‐Middleware Implications
     • Specific implementation with fewer capabilities
       – Reduced ELOC
     • Predictable
       – No dynamic memory allocation
       – Applications preconfigured
     • Limited size of distributed system
       – Suiting most avionics systems
       – Larger size system integration through bridge
  13. Reducing Middleware Size
     • Use efficient data structures
       – Optimized for smaller‐scale systems
       – Simpler data structures allow middleware to remain small even as new functionality is added
     • Balance capabilities versus size
       – Include capabilities relevant in safety‐critical systems only
       – Focus on core capabilities
  14. Safety‐Certifiable Communication Platform
     • Scalable product line for constrained environments
     • Certifiable component
       – DO‐178C Level A
       – ~25K ELOC
     • Follows OMG DDS specification
     • FACE compliant interface in development
  15. Certifiable DDS – Core Capabilities
     • Support for multiple domains
     • Domain Participant Factory
       – Create/delete Domain Participants
     • Domain Participant
       – Create topics (keyed and keyless)
       – Create publications
       – Create subscriptions
       – Delete contained entities
     • Subscription
       – Polling
       – Notification
       – Read/take
     • Publication
       – Write with or without timestamp
       – Dispose
       – Liveliness
     • Thread-safe
  16. Memory Model
     (diagram: Application – DDS middleware – Network; the middleware holds a Data Cache, which grows as more data is produced, and a Discovery Database, which grows as more nodes join)
     • Configure resource limits before creating entities
     • No memory growth
  17. Quality of Service (QoS) Support
     • Communication protocols
       – Best effort
       – Reliable with periodic and piggyback heartbeats
     • Optional durability
       – Last value kept in‐memory by publisher
     • Send/receive cache resource configuration
     • Publication and subscription deadline
     • Ownership and strength
  18. DDS Discovery
     (diagram: Peer 1 (up), Peer 2 (down); initial peers: Peer 1, Peer 2)
  19. DDS Discovery – Stage 2
     (diagram: Peer 1 (up), Peer 2 (down))
  20. Discovery for Safety‐Critical Systems
     • Unknown number of participants connecting
     • Unknown number of remote endpoints
     • Know which participants are up
     • Simple protocol
     • Stage 1: dynamic participant discovery
     • Stage 2: static loading of endpoints
     • Quasi‐static discovery
  21. Certification Evidence
     • Plan for Software Aspects of Certification (PSAC)
     • Software Development Plan (SDP)
       – Requirements standards
       – Design standards
       – Code standards
     • Software Verification Plan (SVP)
     • Software Configuration Management Plan (SCM)
     • Software Quality Assurance Plan
     • Software Requirements Data
     • Design Description
     • Traceability
     • SQA Records
     • SCM Records
     • Software Configuration Index
     • Software Verification Cases and Procedures
     • Software Verification Results
     • Software Accomplishment Summary
     Certification evidence can be re‐used across programs
  22. Savings from DDS Certification Evidence
     ELOC      30,000       20,000       10,000
     Level A   $3,000,000   $2,000,000   $1,000,000
     Level B   $2,550,000   $1,700,000   $850,000
     Level C   $1,800,000   $1,200,000   $600,000
     • DDS certification evidence available at fraction of cost
     • Availability at start of project also reduces risk
  23. Summary
     • Certifiable DDS designed for safety‐critical applications now available
       – Connext DDS Cert
       – Standards compliant
       – Small footprint
     • Code is certifiable to DO‐178 Level A
       – Minimal lines of code
       – Deterministic
     • Certification evidence is reusable
  24. Your systems. Working as one.
     Download Connext Free Trial NOW: www.rti.com/downloads
  25. Thank you
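The memory model on slide 16 (resource limits configured before entities are created, no memory growth afterwards) is easier to reason about with a concrete data structure. The following C code is an added example written for this page; it is not RTI's code and not Connext DDS Cert. It models a keyed data cache whose storage is reserved statically at creation: a new key takes a free slot, an existing key is updated in place (the "last value kept" behaviour), and a write that would exceed the configured limit is refused rather than served by a heap allocation. The constants, error codes and function names are hypothetical.

```c
/* Added example, not RTI code: a fixed-capacity keyed data cache in the
 * spirit of slide 16. Limits are fixed at creation, storage is reserved
 * up front, and exceeding the limit returns an error instead of growing.
 * CACHE_MAX_SLOTS, SAMPLE_BYTES and the API names are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CACHE_MAX_SLOTS 8   /* compile-time ceiling on the static pool */
#define SAMPLE_BYTES    32  /* fixed sample size */

enum { CACHE_OK = 0, CACHE_ERR_ARG = -1, CACHE_ERR_FULL = -2, CACHE_ERR_NOKEY = -3 };

typedef struct {
    uint32_t key;
    uint8_t  payload[SAMPLE_BYTES];
} sample_t;

typedef struct {
    size_t   max_samples;             /* configured once, never raised */
    size_t   count;
    bool     in_use[CACHE_MAX_SLOTS];
    sample_t slots[CACHE_MAX_SLOTS];  /* static storage, no heap */
} data_cache_t;

/* Configure the resource limit once; refuse limits above the static pool. */
int cache_init(data_cache_t *c, size_t max_samples)
{
    if (c == NULL || max_samples == 0 || max_samples > CACHE_MAX_SLOTS)
        return CACHE_ERR_ARG;
    memset(c, 0, sizeof *c);
    c->max_samples = max_samples;
    return CACHE_OK;
}

static int find_key(const data_cache_t *c, uint32_t key)
{
    for (size_t i = 0; i < c->max_samples; i++)
        if (c->in_use[i] && c->slots[i].key == key)
            return (int)i;
    return -1;
}

/* Keyed write: an existing key is updated in place (last value kept),
 * a new key takes a free slot, and a full cache is refused. */
int cache_write(data_cache_t *c, uint32_t key, const uint8_t *data, size_t len)
{
    if (c == NULL || data == NULL || len > SAMPLE_BYTES)
        return CACHE_ERR_ARG;
    int idx = find_key(c, key);
    if (idx < 0) {
        if (c->count == c->max_samples)
            return CACHE_ERR_FULL;            /* limit reached: no growth */
        for (idx = 0; c->in_use[idx]; idx++) {} /* a free slot must exist */
        c->in_use[idx] = true;
        c->slots[idx].key = key;
        c->count++;
    }
    memset(c->slots[idx].payload, 0, SAMPLE_BYTES);
    memcpy(c->slots[idx].payload, data, len);
    return CACHE_OK;
}

/* Dispose releases the slot for reuse; nothing is returned to a heap. */
int cache_dispose(data_cache_t *c, uint32_t key)
{
    int idx = (c == NULL) ? -1 : find_key(c, key);
    if (idx < 0) return CACHE_ERR_NOKEY;
    c->in_use[idx] = false;
    c->count--;
    return CACHE_OK;
}

size_t cache_count(const data_cache_t *c) { return c ? c->count : 0; }

/* Constructed scenario: fill a 4-slot cache, then try a fifth key.
 * Returns the code seen on the fifth write (CACHE_ERR_FULL). */
int cache_limit_demo(void)
{
    data_cache_t cache;
    uint8_t pos[SAMPLE_BYTES] = {0};
    cache_init(&cache, 4);
    for (uint32_t k = 1; k <= 4; k++) cache_write(&cache, k, pos, sizeof pos);
    int rc = cache_write(&cache, 5, pos, sizeof pos);  /* refused */
    cache_write(&cache, 1, pos, sizeof pos);           /* update in place: ok */
    return rc;
}

/* Constructed scenario: dispose frees a slot that a new key can reuse.
 * Returns the cache count afterwards (2, the configured limit). */
size_t cache_reuse_demo(void)
{
    data_cache_t cache;
    uint8_t pos[4] = {1, 2, 3, 4};
    cache_init(&cache, 2);
    cache_write(&cache, 1, pos, sizeof pos);
    cache_write(&cache, 2, pos, sizeof pos);
    cache_dispose(&cache, 1);
    cache_write(&cache, 3, pos, sizeof pos);           /* reuses slot of key 1 */
    return cache_count(&cache);
}

int main(void)
{
    printf("limit demo rc=%d, reuse demo count=%zu\n",
           cache_limit_demo(), cache_reuse_demo());
    return 0;
}
```

The point of the shape is that the only allocation decision happens in `cache_init`, before any entity uses the cache, so the worst-case memory footprint is known at configuration time and a misbehaving publisher surfaces as a returned error code rather than as unbounded growth.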
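Slide 20 describes quasi-static discovery: a dynamic first stage that learns which of a preconfigured set of participants is up, and a static second stage that loads endpoints from configuration instead of exchanging them at run time. The following C code is an added example written for this page; it is not RTI's code and does not reproduce the Connext DDS Cert protocol. It keeps a fixed peer table seeded from an initial-peer list (slide 18), marks peers up on announcements and down when a liveliness lease lapses, and answers endpoint matching from a compiled-in table restricted to peers that are up. The peer ids, topic names, lease value and endpoint table are constructed for the example.

```c
/* Added example, not RTI code: a model of two-stage quasi-static
 * discovery. Stage 1 tracks which preconfigured peers are up (with a
 * liveliness lease); stage 2 takes endpoints from a static table.
 * All ids, topics, the lease and the table are constructed samples. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_PEERS 4

typedef struct {
    uint32_t    participant;   /* owning peer */
    const char *topic;
    bool        is_writer;
} endpoint_t;

/* Stage 2 input: endpoints are known before start-up, not discovered. */
static const endpoint_t STATIC_ENDPOINTS[] = {
    { 1, "SensorData", true  },
    { 2, "SensorData", true  },
    { 2, "Commands",   false },
};
#define N_STATIC (sizeof STATIC_ENDPOINTS / sizeof STATIC_ENDPOINTS[0])

typedef struct {
    uint32_t id;
    bool     up;
    uint64_t last_seen_ms;
} peer_t;

typedef struct {
    peer_t   peers[MAX_PEERS];   /* only the initial peers; never grows */
    size_t   n_peers;
    uint64_t lease_ms;
} discovery_t;

int discovery_init(discovery_t *d, const uint32_t *initial, size_t n, uint64_t lease_ms)
{
    if (d == NULL || initial == NULL || n == 0 || n > MAX_PEERS || lease_ms == 0)
        return -1;
    memset(d, 0, sizeof *d);
    for (size_t i = 0; i < n; i++) d->peers[i].id = initial[i];
    d->n_peers = n;
    d->lease_ms = lease_ms;
    return 0;
}

static peer_t *find_peer(discovery_t *d, uint32_t id)
{
    for (size_t i = 0; i < d->n_peers; i++)
        if (d->peers[i].id == id) return &d->peers[i];
    return NULL;
}

/* Stage 1: an announcement from a known peer marks it up and renews its
 * lease. Unknown participants are dropped, so the table cannot grow. */
int discovery_on_announce(discovery_t *d, uint32_t id, uint64_t now_ms)
{
    peer_t *p = d ? find_peer(d, id) : NULL;
    if (p == NULL) return -1;
    p->up = true;
    p->last_seen_ms = now_ms;
    return 0;
}

/* Liveliness: a peer whose lease has lapsed is marked down. */
void discovery_tick(discovery_t *d, uint64_t now_ms)
{
    for (size_t i = 0; i < d->n_peers; i++)
        if (d->peers[i].up && now_ms - d->peers[i].last_seen_ms > d->lease_ms)
            d->peers[i].up = false;
}

/* Stage 2: matching is a lookup in the static table, restricted to peers
 * currently up. Returns the number of matched writer participants. */
size_t discovery_matched_writers(discovery_t *d, const char *topic,
                                 uint32_t *out, size_t out_cap)
{
    size_t n = 0;
    for (size_t i = 0; i < N_STATIC; i++) {
        const endpoint_t *e = &STATIC_ENDPOINTS[i];
        if (!e->is_writer || strcmp(e->topic, topic) != 0) continue;
        peer_t *p = find_peer(d, e->participant);
        if (p == NULL || !p->up) continue;
        if (n < out_cap) out[n] = e->participant;
        n++;
    }
    return n;
}

/* Constructed scenario: both peers announce, an unknown participant is
 * ignored, then peer 1 goes silent past its 3000 ms lease. Returns the
 * id of the only SensorData writer still matched (2). */
uint32_t discovery_demo(void)
{
    discovery_t d;
    const uint32_t initial[] = { 1, 2 };
    uint32_t writers[MAX_PEERS];
    discovery_init(&d, initial, 2, 3000);
    discovery_on_announce(&d, 1, 0);
    discovery_on_announce(&d, 2, 1000);
    discovery_on_announce(&d, 99, 1000);   /* not an initial peer: dropped */
    discovery_tick(&d, 3500);              /* peer 1 lease expired */
    size_t n = discovery_matched_writers(&d, "SensorData", writers, MAX_PEERS);
    return n == 1 ? writers[0] : 0;
}
```

Because the set of peers and the endpoint table are both fixed before start-up, the only run-time state that changes is the up/down flag per peer, which keeps the discovery database bounded (slide 16) and leaves the protocol small enough to test exhaustively.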